Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7707 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-24679 2026-04-15 N/A
Missing Authorization vulnerability in webraketen Internal Links Manager seo-automated-link-building allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Links Manager: from n/a through <= 2.5.2.
CVE-2025-24691 2026-04-15 N/A
Missing Authorization vulnerability in ctltwp People Lists people-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects People Lists: from n/a through <= 1.3.10.
CVE-2025-24692 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in M.Code Bulk Menu Edit bulk-menu-edit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Menu Edit: from n/a through <= 1.3.
CVE-2025-24693 2026-04-15 N/A
Missing Authorization vulnerability in Yehi Advanced Notifications advanced-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Notifications: from n/a through <= 1.2.7.
CVE-2025-24697 2026-04-15 N/A
Missing Authorization vulnerability in Realwebcare Image Gallery – Responsive Photo Gallery awesome-responsive-photo-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Gallery – Responsive Photo Gallery: from n/a through <= 1.0.5.
CVE-2025-24705 2026-04-15 N/A
Missing Authorization vulnerability in Arshid WooCommerce Quick View woo-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Quick View: from n/a through <= 1.1.1.
CVE-2025-24725 2026-04-15 N/A
Missing Authorization vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thim Elementor Kit: from n/a through <= 1.2.8.
CVE-2025-24734 2 Codesolz, Wordpress 2 Better Find And Replace, Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in CodeSolz Better Find and Replace real-time-auto-find-and-replace allows Privilege Escalation.This issue affects Better Find and Replace: from n/a through <= 1.6.7.
CVE-2025-24747 2026-04-15 N/A
Missing Authorization vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through <= 3.4.0.
CVE-2025-24748 2026-04-15 N/A
Missing Authorization vulnerability in ThemeFusion Avada avada.This issue affects Avada: from n/a through <= 7.11.10.
CVE-2025-24750 2026-04-15 N/A
Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ExactMetrics: from n/a through <= 8.1.0.
CVE-2025-24751 2 Godaddy, Wordpress 2 Coblocks, Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in GoDaddy CoBlocks coblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoBlocks: from n/a through <= 3.1.13.
CVE-2025-24754 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through <= 3.4.0.
CVE-2025-24757 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in AndonDesign uDesign udesign.This issue affects uDesign: from n/a through <= 4.11.2.
CVE-2025-24763 2 Bbpress, Wordpress 2 Bbpress, Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in Pascal Casier bbPress API bbp-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects bbPress API: from n/a through <= 1.0.14.
CVE-2025-24776 2026-04-15 N/A
Missing Authorization vulnerability in codelobster Responsive Flipbooks responsive-flipbooks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Flipbooks: from n/a through <= 1.0.
CVE-2025-24778 2026-04-15 N/A
Missing Authorization vulnerability in De paragon No Spam At All no-spam-at-all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects No Spam At All: from n/a through <= 1.3.
CVE-2025-2568 2026-04-15 5.3 Medium
The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the 'vayu_blocks_get_toggle_switch_values_callback' and 'vayu_blocks_save_toggle_switch_callback' function in versions 1.0.4 to 1.2.1. This makes it possible for unauthenticated attackers to read plugin options and update any option with a key name ending in '_value'.
CVE-2025-26920 1 Wordpress 1 Wordpress 2026-04-15 N/A
Missing Authorization vulnerability in pressmaximum Customify customify-theme allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customify: from n/a through <= 0.4.8.
CVE-2025-26944 2026-04-15 N/A
Missing Authorization vulnerability in Crocoblock JetPopup jet-popup allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetPopup: from n/a through <= 2.0.11.